As you may already know Exchange 2010 has the option to deliver voicemails in a mailbox of a user. The SMTP protocol is used to deliver the message to the HUB server which delivers it to the mailbox server.

In case you have multiple receive connectors you might, if you have configured them incorrectly, have issues which will result in the following error:

As you can see an error 500 5.3.3 occurs when the UM tries to deliver a message to the HUB Transport server. By default the UM server will use it’s certificate to authenticate itself. One important thing here is that the receive connector will have the Exchange Server authentication option enabled. By default this will be the receive connector named client servername, for example Client EX003. This connector only accepts connections which are authenticated.

When creating a receive connector, for example for allowing applications to relay, you will need to protect it by specifying IP addresses or IP ranged. If you use the last option this may lead to strange issues. For example if the UM server has the IP address 192.168.1.25 and you will specify the 192.168.1.1/24 range as the valid remote range on the receive connector. This will result in authentication errors on the UM server because it tries to authenticate using the certificate. This because the UM server thinks it needs to authenticate using the certificate.

In case you still want to provide an IP range on the connector there is one solution: configure a seperate connector for the UM server IP address and correct authentication method.

This will cause the UM server to use this connector instead of the relay connector. The rule for receive connectors is use the most restrictive one.

During an upgrade to Exchange 2010 SP1 I had a nasty problem. After the upgrade of the Unified Messaging server the server didn’t accept any calls.

In this case the Unified Messaging server was connected to a Nortel CS1000 which used the Subscriber Access and Auto-Attendant of Exchange.

But how can you find out what is going wrong? First a look at the event log may be usefull but in this case nothing strange could be found there. Because the default log level is set to a low level it was necessary to raise the log level to a higher level. This can be done via two methods:

Exchange Management Console

Exchange Management Shell

Exchange Management Console

open the Exchange Management Console

select the node server management

select the Unified Messaging server

select the option Manage Diagnostics Logging in the right menu

search for MsExchange Unified Messaging in the list

raise the logging level for the following items: UMCalldata, UMCore and UMService

Don’t forget to reset the logging level to the original level when you are ready with troubleshooting.

When the logging level is raised it’s time to reproduce the issue. This can be done by, for example, call the Subscriber Access.

In this case this doesn’t help you much either so there was one option left: use a sniffer. Personally my favorite is Wireshark which can be downloaded for free from this site.

Once installed it’s time to reproduce the issue again, don’t forget to enable the capture before doing this.

When you have reproduced the issue you will see a lot of messages which are captured. Among them messages which are from the protocol type SIP. Select one of these rules and select the option Analyze followed by Follow TCP Stream. This will give an overview of all SIP messages.

Normally you will see the messages below:

When the problem occurs you will find only two messages Invite and Moved Temporarily:

When having a look at the trace above you will see that besides port 5060 also port 5065 is used. Exchange UM will try to redirect the traffic to port 5065. As the Nortel will continue to send messages to port 5060 the call won’t succeed. To solve this issue you will need to make a modification to the trunk so it will send messages via poty 5065 instead of 5060.

Once this has been changed the Nortel will be able to setup a connection to the Exchange UM server. But is this a real solution? Not really but this will require some additional explanation.

So why does Exchange wants to redirect the traffic to port 5065 and doesn’t use port 5060 which is used for SIP by default. Port 5060 is also used by Exchange for SIP but besides this another process is running called the UM Worker process which does the real work. Exchange will use the following ports for this:

5065 and 5067 for SIP

5066 and 5068 for Secure SIP

The Exchange UM Worker process will be recycled once a week, this may has as a result that the Nortel can’t setup a connection after one week. This because the UM Worker process is recycled and now is using 5067.

But is there a solution for this issue? Well at this moment there isn’t one but I think somebody in the background is working hard on a solution for this. So for now we have the following options:

don’t upgrade Exchange 2010 SP1

place a gateway between the Exchange 2010 UM server and the Nortel environment

reboot the Exchange 2010 UM server once a week

Because all options are not really a good solution you may need to choose the best of these three, from my point of view the last one.

If you would like to have more info about the Exchange 2010 UM process have a look at the following site.

It has been a while since the last tutorial, so it gets time to publish a new one. This one will inform you about the new functionality that’s included in Exchange 2010 SP1 beta and then specifically the Unified Messaging role.

This is one of the new things in Service Pack 1, in the RTM version this was not necessary. In RTM you only needed to install the prerequisits using the Excahnge-UM.xml file. The files mentioned above are additional to this. Please pay attention when installing the Unified Communications Managed API 2.0 it might look the installation is done very quickly. But what is only done during the installation is extracting the files to C:\Microsoft UCMA 2.0 RuntimeInstaller Package\amd64 here you can find the file SetupUcmaRuntime which does perform the installation of UCMA 2.0.

After the files have been installed you can start the installation of Exchange and select the Unified Messaging Role. Besides selecting the Unified Messaging Role don’t forget to place a checkmark before automatically install Windows Server Roles and Features required for Exchange Server. This new option will install all Windows Server Roles and Features necessary for the installed Exchange role.

Once installed it’s time to start the Exchange Management Console and selecting the UM Server which can be found under the organizational configuration tree. On the organizational configuration level you can configure the following things:

dial-plan

gateway

hunt group

auto attendant

UM policy

Let’s begin with creating the dial-plan. First we need to specify the name, the length of the extensions, URI type, VOIP Security and Country/Region code. Depending on what kind of implementation you are performing you might chose other options for the URI type and VOIP security. In this case the dial-plan will be used to attach the Exchange UM server to an OCS 2007 R2 environment.

In the next step we will need to add the servers attached to the dial-plan. In this case it’s only one server but in an environment where you’ve got multiple UM servers you can easily add them all here.

Before the dial-plan is created you will get an overview of the settings which will be used. When pushing the New button the dial-plan will be created.

When the dial-plan is created you will see a warning. This warning is the result of the default configuration of the UM server. The UM Server is default configured to accept traffic using TCP. Since we configured the dial-plan to accept only traffic which is secured we will need to modify this option on server configuration level so that the server will accept TLS traffic.

After the wizard has been closed you will need to get the properties of the dial-plan to configure the subscriber-access. This feature can be used by users to call their mailbox to, for example, check if new mails have arrived. Once you get the properties of the UM server select the subscriber access tab and add the extension which you would like to use fot this functionality.

Next step in the process is to add the gateway to which the Exchange UM server will need to send it’s traffic to.

We will only need to specify a name, IP-address of FQDN of the gateway and the dial-plan which may use this gateway.

During the creation of the gateway a hunt group will be automatically created. In some cases it may be necessary to remove the hunt group and create a new one. This because the pilot identifier will not be configured by default. If want to skip the creation of the hunt group don’t select a dial-plan and attach the gateway manually to the dial-plan.

Default a UM Mailbox policy will be created during the creation of the dial-plan. With this policy you may not have to change things as the settings are OK for your organization. But if you like to make changes to the text of the message which is send to the users when they are UM enabled then modify the policy.

Beside the text there are a lot of other settings which are defined by this policy. For example the pin policies which you would like to apply to users: complexity, minimum pin length and wrong pin attempts.

Optional it’s possible to configure an auto attendant. This is an electronic operator which can transfer calls and play a menu to the caller with options which will transfer him/her to the correct department.

The configuration at organizational configuration level is finished and so it’s to configure some things on server configuration level. Get the properties of the UM server and select the UM Settings tab. Change the value of the startup mode to TLS or Dual and press OK.

A warning will be displayed that the Exchange UM service will need to be restarted and that you will need to verify that a valid certificate is assigned to the service. The certificate is important because we selected secure at the dial-plan. This will ensure that all traffic is secured using certificates for authentication. If an invalid certificate is used by one of the parties the communication will fail.

If you decide to install the certificate later then you may have some issues with restarting the Exchange UM service. This because the self-signed certificate is not assigned to the Exchange UM service.

Configuring UM can be dan a lot easier when using Powershell. Below you will find an overview of commands which you can use to create the configuration exactly as done via the GUI:

If you like Powershell then I recommend to use it because configuring UM goes a lot faster.

New in SP1 are two additional expensions for the UM role, these can be found under tools in the Exchange Management Console:

Call Statistics

User Call logs

First the call statistics, this report utility can be used to generate overviews of calls which are processed by your Exchange UM server. This may be very usefull when you would like to get an overview of how much users will use the UM functionality of Exchange.

Besides to the overall overview you can generate reports per user using the user call log. In this overview you can for example see how much calls a user receives and which quality the call was. This may be very usefull when troubeshooting the quality of calls

But what are the other changes in SP1 when looking at UM:

you can assign a second dial plan to a user. In some scenario’s ut may be usefull to assign a second extenstions to a user.

cross-forest migration of UM-mailboxes is possible

UM Settings can be managed using the Exchange Control Panel

no support for Exchange 2010 SP1 in combination with Office Communication Server 2007

Remark: all features and screenshots mentioned in this article are based on the beta of SP1 and may change in the final release.

If you are troubleshooting an issue some logging is really usefull. On the UM server diagnostic logging is enabled by default on the lowest level. In case you need to have more logging you should manually change it to a higher level.

Besided the parameters already mentioned you can give up several other parameters for example to change the install directory, below an overview of a few of them:

/OrganizationName, /on with this parameter you can specify an Exchange organization, this parameter is needed when no Exchange environment is currently active.

/TargetDir, /twith this parameter you can specify the install directory, default it is %programfiles%\Microsoft\Exchange Server.

/DomainController, /dcwith this parameter you can specify the domaincontroller which is used for gathering the information that is needed and for writing some config issues in the Active Directory.

/UpdatesDir, /uif you don’t want to install all updates manually after the setup you can use this parameter to install them automatically.

Besides the already mentioned parameters there are parameters for preparing the forest and domain for Exchange 2007:

/PrepareLegacyExchangePermissions, /pl when you have installed an earlier version of Exchange you can’t adjust the Active Directory for Exchange 2007. You should use this parameter to ensure that the previous Exchange versions will be working together with Exchange 2007. When you don’t use this parameter it could be that the Recipient Update Service doesn’t work OK anymore.

/PrepareSchema, /ps this parameter is used to prepare the schema for Exchange 2007. You should run the Exchange setup with this parameter on the Schema Master This parameter doesn’t need to be specified when using PrepareLegacyPermissions, when using that it will be automatically done.

/PrepareAD, /p with this parameter you will prepare the forest. This parameter will also run the PrepareDomain parameter/action.

/PrepareDomain, /pd will ensure that the domain will be prepared for Exchange 2007.

/PrepareAllDomains, /pad this parameter is the same as the previous one, only this one will prepare all domains and subdomains.

Besides all the parameters mentioned there are a lot of more parameters that you can use, a full overview can be found on this site.